Privacy Policy

Who is responsible for the processing of your personal data?
Grupo Popeye is responsible for the processing of the user's personal data and informs you that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of April 27 (GDPR), and Organic Law 3 /2018, of December 5 (LOPDGDD).
What type of data do we request and process?
Depending on the form or way of obtaining your data, we always ask you for the minimum necessary to fulfill the purposes detailed in each case.
Why do we process your personal data and why do we do it?

According to the form where we have obtained your personal data, we will treat it confidentially to achieve the purposes:

• In the Contact form

  • Respond to queries or any type of request that is made by the user through any of the contact forms that are made available on the website of the person in charge. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that makes it possible to carry out commercial communications. These communications will be made by the person in charge and will be related to their products and services, or their collaborators or suppliers, with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data. (by consent of the interested party, 6.1.a GDPR)

  • Perform statistical analysis and market research. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)

• In the Newsletter form

  • Send newsletters, news, offers and online promotions (by consent of the interested party, 6.1.a GDPR)​

• In the Request a quote form

  • Send commercial budgets on products and services (for the execution of a contract or pre-contract, 6.1.b GDPR)​

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that makes it possible to carry out commercial communications. These communications will be made by the person in charge and will be related to their products and services, or their collaborators or suppliers, with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data. (by consent of the interested party, 6.1.a GDPR)

• In the Resume form

  • Involve the interested party in the personnel selection processes and analyze the applicant's profile in order to select a candidate for the vacant position of the manager. (by consent of the interested party, 6.1.a GDPR)​

• In the Comments form

  • Moderate and publish opinions on a publication on the website. (by consent of the interested party, 6.1.a GDPR)​

• In the Request a demo form

  • Send the requested demo and answer the questions raised. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that makes it possible to carry out commercial communications. These communications will be made by the person in charge and will be related to their products and services, or their collaborators or suppliers, with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data. (by consent of the interested party, 6.1.a GDPR)

  • Perform statistical analysis and market research. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)

• In the User Registration form

  • Manage the user's account to provide personalized access to the website and the interactive services it offers. (by consent of the interested party, 6.1.a GDPR)​

• In the form E-commerce

  • Manage your purchase or order online, process the payment and proceed to send it, based on the general contracting conditions. (for the execution of a contract or pre-contract, 6.1.b GDPR)​

  • Manage, maintain, improve or develop the services provided. (for the execution of a contract or pre-contract, 6.1.b GDPR)

  • Conduct satisfaction and quality surveys. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)

• In the form Giveaways and promotions

  • Participate in raffles, contests, promotions or other services offered by the person in charge. (by consent of the interested party, 6.1.a GDPR)​

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that makes it possible to carry out commercial communications. These communications will be made by the person in charge and will be related to their products and services, or their collaborators or suppliers, with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data. (by consent of the interested party, 6.1.a GDPR)

• In the Appointments form

  • Schedule appointments and meetings with the manager. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

• Social media

  • Contact through Social Networks in order to maintain a relationship between the User and the Controller that may include the following operations: - Processing your requests and queries. - Inform about activities and events. - Inform about products and/or services. - Interact through official profiles. The user has a profile on the same social network and has decided to join the Social Network of the Responsible, thus showing their interest in the information published on it, therefore at the time of requesting to follow our official page, they provide us with your consent to the processing of your data. The User can access the privacy policies of the social network itself at any time, as well as configure their profile to guarantee their privacy. Once the User is a follower or has joined the Social Network of the Responsible Party, they may post comments, links, images, photographs or any other type of content supported by it. The User, in all cases, must be the owner of the published content, enjoy the copyright and intellectual property rights or have the consent of the affected third parties. - Sending of commercial communications related to the activities of Group companies, as well as companies external to it, with which commercial collaboration or intermediation agreements have been established. (by consent of the interested party, 6.1.a GDPR)​

• Instant messaging

  • Schedule appointments and meetings with the manager. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which makes it possible to carry out commercial communications regarding products or services that are similar to those initially targeted of contracting with the client (art. 21.2 LSSI). (for the legitimate interest of the controller, art. 6.1.f GDPR

  • Manage, maintain, improve or develop the services provided. (for the execution of a contract or pre-contract, 6.1.b GDPR)

  • Manage your purchase or order online, process the payment and proceed to send it, based on the general contracting conditions. (for the execution of a contract or pre-contract, 6.1.b GDPR)

  • Send commercial budgets on products and services. (for the execution of a contract or pre-contract, 6.1.b GDPR)

  • Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that makes it possible to carry out commercial communications. These communications will be made by the person in charge and will be related to their products and services, or their collaborators or suppliers, with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data. (by consent of the interested party, 6.1.a GDPR)

  • Respond to queries or any type of request that is made by the user through any of the contact forms that are made available on the website of the person in charge. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)

• Video surveillance

  • Purpose Security and access control, labor control and internal activity Legitimation Public interest in security and access control and legitimate interest of the Responsible based on Art. 20.3 of the Workers' Statute Conservation A maximum of 30 days (by consent of the interested party, 6.1.a GDPR)​

• Images and recordings

  • File with static and/or dynamic images. Includes publication in the media of the data controller or third parties. (by consent of the interested party, 6.1.a GDPR)​

• Clients and suppliers

  • Commercial management with clients and suppliers (for the legitimate interest of the person in charge, art. 6.1.f GDPR)​

• advertising exclusion

  • Data management to avoid sending commercial communications to those who have expressed their refusal or opposition to receiving them. (for compliance with a legal obligation, 6.1.c GDPR)​

• Commercial advertising

  • Advertising management and commercial prospecting. Includes data from legitimate publicly accessible sources. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

• Right of the interested parties

  • Respond to requests from citizens in the exercise of the rights established by the GDPR (for compliance with a legal obligation, 6.1.c GDPR)​

• Web users, app and other responsa platforms

  • Identification data of users who access the corporate website. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

• Training, courses, workshops, activities or similar

  • Management of access and use conditions. (for the legitimate interest of the controller, art. 6.1.f GDPR)​

• Wi-Fi network connection

  • Perform statistical analysis and market research. (for the legitimate interest of the person in charge, art. 6.1.f GDPR)​

  • Conduct satisfaction and quality surveys. (for the legitimate interest of the person in charge, art. 6.1.f GDPR) (for the consent of the interested party, 6.1.a GDPR)

• Data of minors or vulnerable

  • The person in charge will not collect or process personal data of minors under fourteen years of age, without fully complying with the requirements established in the applicable data protection regulations, in relation to compliance with the duty to inform and obtaining any necessary consents. The data collected will be processed for the management of the reported purposes. The person in charge has the appropriate security measures for the security of this data. (by consent of the interested party, 6.1.a GDPR)​

• Legal representatives and contact persons​

  • In the event that you are a legal representative or contact person of any of the entities or persons with which the Foundation is related, the person in charge will process your data to control the development of the intended relationship. (by consent of the interested party, 6.1.a GDPR)​

For how long will we keep your personal data?

They will be kept for no longer than necessary to maintain the purpose of the treatment or there are legal prescriptions that dictate their custody and when it is no longer necessary to do so, they will be deleted with adequate security measures to guarantee the anonymization of the data or the total destruction of the data. the same.

To whom do we provide your personal data?

No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the treatment, to our providers of services related to communications, with which the person in charge has signed the confidentiality and manager contracts. treatment required by current privacy regulations.

Do we make international transfers?

In accordance with the provisions of article 44 of the GDPR, the authorization for international data transfer to a country that has not been declared as a country with an adequate level of protection can only be granted if sufficient guarantees are obtained. Thus, it may be granted if the person responsible for the treatment provides a written contract, entered into between the exporter and the importer of data, in which the necessary guarantees of respect for the protection of the interested parties are stated and the exercise of their rights is guaranteed.

It is possible that the person in charge has services from providers that have servers or headquarters in other places and, therefore, these transfers are made. To consult the updated list of suppliers, consult the person in charge.

What are your rights?

The rights that assist the user are:

• Right to withdraw consent at any time.

• Right of access, rectification, portability and deletion of your data, and limitation or opposition to its treatment.

• Right to file a claim with the control authority (www.aepd.es) if you consider that the treatment does not comply with current regulations.

Contact information to exercise your rights:

Grupo Popeye,  C/ Mestre Chapi, 42 - Palma de Mallorca (Barrio El Vivero), 07008 - email ceipopeye@ceipopeye.es